Anti Targeted Attack Platform

Network Traffic Analysis driven by Machine Learning

Today’s cybercriminals constantly design unique and innovative methods of penetration and compromise. To avoid perimeter prevention technologies they use social engineering, non-malware and supply chain attacks to operate under the radar of security designed to catch ‘bad’ traces. It’s not enough to just ‘know’ what’s bad or dangerous – enterprises need to understand what’s normal, and use AI-driven techniques that simplify and automate this process. Targeted Attack Analyzer is a machine learning engine that involves self-learning to establish the baseline of normal, legitimate activities of an entire network. Through continuous network telemetry collection it finds deviations, detects suspicious activities and predicts further malicious actions at the initial stages of multilayered attacks.

Threat Emulation through Advanced Sandboxing

Static analysis of network traffic does not provide adequate security on its own. Multilayered malware, additional payloads and hidden command and control communication requires multi-dimensional detection capabilities at the perimeter level to avoid endpoints and servers being compromised. Enterprises need to have extremely powerful detection engines (internal virus lab) to detect threats at the first stage, before lateral movement. Such Advanced Sandbox is based on established Kaspersky Lab technology that provides multi-layered detection with exploits discovery, user emulation, randomization of OS components, anti-evasion techniques and acceleration.

Automated correlation and complete network visibility

The ML-based correlation engine aggregates network-level telemetry and verdicts and empowers it with endpoint-level data from Kaspersky Endpoint Security. It gives complete visibility and correlates incidents with rich context, fully automated and easy to use for better decision making.

In Use

The most effective and trusted solution of its kind - PROVEN

Kaspersky Anti Targeted Attacks platform incorporates proven approaches to advanced cybersecurity in a single solution. Powerful ML-based Network Traffic Analysis and Advanced Sandboxing work together to deliver superior detection rates. All analysis is performed completely on-site to avoid critical data or objects shared with the outside world. This approach delivers the right balance of trust and functionality for enterprise organizations with internal privacy concerns or external regulatory compliance requirements. As a result the platform delivers 100% detection rates*, with 0% false positives, eliminating the need to waste time responding to false alarms.
*ICSA lab, Q2 2018

Automated in-house virus lab

The all-in-one Kaspersky Anti Targeted Attack platform fully automates data collection, analysis and correlation for the entire scope of network-level advanced threats. This significantly reduces the time security teams need to spend on threat detection while improving reaction times thanks to the contextual incident representation in the single console. The platform provides a detailed analysis of a threat’s scope by identifying compromised systems, communication between local and external systems and datasets and identities affected or compromised during the attack. It facilitates active discovery of threats over proxy, Web, email and endpoint activities which may be hidden in the network.

Premium Support

Professional help is available whenever you need it. Operating in more than 200 countries, from 34 offices worldwide, we have you covered 24/7/365. Take advantage of our Premium support packages, or call on our Professional Services to ensure that you derive maximum benefit from your Kaspersky Lab security installation.

The Threats

As the adoption of digital technologies such as the cloud, big data, mobile IoT and artificial intelligence continues apace, together with increasing inter-connectivity, new security, compliance and data protection challenges arise.

Data management and compliance issues which can slow business evolution

Lack of a planning and a unified security strategy for Incident Response

Shadow IT and low visibility over business assets, and the corresponding risks

New business initiatives suffering from ineffective or unsuitable security

Too many alerts to be verified due to 'false positives'

Stolen credentials and permissions which can put businesses at significant risk

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.